Shopping cart woes

I have a Web site that uses a script called "S-Mart" shopping cart.  Recently, about two months ago I moved to a new provider and enhanced the script to handle SSL when the user goes to check out....  now I have a problem.  About 1 in 10 times (1 in 10 orders) I will get an email from a user that says that when he clicks "purchase items" (goes into SSL mode) - all of the items in his cart disappear - I cannot reproduce this error on my own no matter how much I try.....  the script DOES create a file (as the shopping cart) using two ENV variables:

print REFFILE "$date\| $ENV{'REMOTE_HOST'}\| $ENV{'HTTP_USER_AGENT'}\|NULL\|NULL\|$partner|\n";

I ALREADY checked though that these variables are available both on the standard and SSL server...  I am at a loss here.. the site is "www.danoday.com"...  I can post more code but I am not sure it will help.  I need some ideas on what more to check... it is very difficult since I cannot see the error logs on the SSL server as my provider won't let me.....

Help?
georgia Asked:

maneshr Commented:
i think your script might be using cookies to track the shopping basket.

what might (speculating) have happened is that cookie might have been re-set, due to some condition being activated that caused the cookie to be unset.

i think you should look at that part of the code where the cookie is being set and unset to get a fair idea.

also if you could ask the users at what point they got the empty shopping basket (after pressing a particular button or after visiting a particular page or after selecting a particular product)

0
christopher sagayam Commented:
email me the code to christopher_sagx@yahoo.com and I will find a solution

chris
0
georgia (Author) Commented:
It is not using cookies, I am positive.  I am a beginner to intermediate Perl programmer myself and I can tell that it is using strictly ENV vars to tell users apart.
0
maneshr Commented:
without cookies, how do you "remember" what items the user has put in the shopping basket when the user moves from one page to another??
0
georgia (Author) Commented:
It is done using ENV vars! - REMOTE HOST and USER AGENT combination.  BTW - I am still totally stuck and open to any suggestions.
0
ozo Commented:
What is your script?  You say it creates a file, how does it do that?  Does it check for errors?  Does it lock the file? What does it do if you get more than one user from the same REMOTE HOST?
0
georgia (Author) Commented:
It creates the file when someone starts a cart... adds an item, with this code...


                      print REFFILE "$date\| $ENV{'REMOTE_HOST'}\| $ENV{'HTTP_USER_AGENT'}\|NULL\|NULL\|$partner|\n";

and it does lock the file.  However, if someone has the same host and user agent it WILL overwrite the cart, but that is another problem and not actually related to this one (however I understand it could cause this problem) - but something else is causing this in this case as this is relatively low traffic.
0
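Added example (not part of the thread and not S-Mart code): the sketch below shows why a cart key built from REMOTE_HOST and HTTP_USER_AGENT, as described in the posts above, is neither unique to one visitor nor stable for one visitor across requests, and contrasts it with a random per-cart token that is validated before it is used in a file path. `cart_key_from_env`, the token subs, `$cartdir` and all sample values are assumptions; the script's own get_host and check_file subs are not shown in the thread.

```perl
#!/usr/bin/perl
# Added example, not S-Mart code. cart_key_from_env() is a hypothetical
# stand-in for the script's get_host/check_file subs, which are not shown.
use strict;
use warnings;

# How the thread describes carts being told apart: host + browser string.
sub cart_key_from_env {
    my ($env) = @_;
    my $key = join '.', $env->{REMOTE_HOST}, $env->{HTTP_USER_AGENT};
    $key =~ s/[^A-Za-z0-9.]/_/g;    # make it usable as a file name
    return $key;
}

# Alternative: an unguessable per-cart token, created on the first "add".
sub new_cart_token {
    open(my $fh, '<:raw', '/dev/urandom') or die "Can't open /dev/urandom: $!";
    my $got = read($fh, my $bytes, 16);
    close($fh);
    die "Short read from /dev/urandom\n" unless defined $got && $got == 16;
    return unpack('H*', $bytes);    # 32 lowercase hex characters
}

# Map a token from the request to a cart file. Anything that is not exactly
# 32 hex characters is rejected, so the value can never alter the path.
sub cart_path_for_token {
    my ($cartdir, $token) = @_;
    return unless defined $token && $token =~ /\A[0-9a-f]{32}\z/;
    return "$cartdir/$token.cart";
}

# Constructed sample requests (illustrative values, not real traffic).
my $ua = 'Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)';
my @requests = (
    # Customer A adds an item through a proxy.
    { who => 'A', command => 'add',  REMOTE_HOST => 'cache-1.proxy.example',
      HTTP_USER_AGENT => $ua },
    # Customer B: same proxy, same browser build.
    { who => 'B', command => 'add',  REMOTE_HOST => 'cache-1.proxy.example',
      HTTP_USER_AGENT => $ua },
    # Customer A's checkout request arrives from a different proxy node.
    { who => 'A', command => 'buy1', REMOTE_HOST => 'cache-7.proxy.example',
      HTTP_USER_AGENT => $ua },
);

my ($key_a_add, $key_b_add, $key_a_buy) = map { cart_key_from_env($_) } @requests;
printf "A add  -> %s\nB add  -> %s\nA buy1 -> %s\n",
    $key_a_add, $key_b_add, $key_a_buy;
print "A and B share one cart file\n"      if $key_a_add eq $key_b_add;
print "A's checkout opens an empty cart\n" if $key_a_add ne $key_a_buy;

# With a token, the key travels with the request instead of being inferred
# from the connection. $cartdir is an assumed location for cart files.
my $cartdir   = '/tmp/carts';
my %token_for = map { ($_ => new_cart_token()) } qw(A B);
for my $r (@requests) {
    my $path = cart_path_for_token($cartdir, $token_for{ $r->{who} });
    print "$r->{who} $r->{command} -> $path\n";
}

# Malformed values yield no path at all.
for my $bad ('../../etc/passwd', 'ABCDEF', '') {
    my $path = cart_path_for_token($cartdir, $bad);
    printf "%-20s -> %s\n", "'$bad'", defined $path ? $path : 'rejected';
}
```

The token has to be carried in every link and form the script emits, including the one that hands off to the SSL server.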
georgia (Author) Commented:
Here is the script.....   remember it only goes to the SSL server when someone clicks purchase.  and the SSL server CAN get back to the cart directory..  this problem only occurs about 1 out of ten orders....

#!/usr/bin/perl
###########################################################################
# S-Mart Shopping Cart Script v1.8.7
# Shop smart. Shop S-Mart.
# Written by Barry Robison. (brobison@rcinet.com)
# This script uses code written by Matt Wright.
# Please visit his site at http://worldwidemart.com
# This script is mailware. Please e-mail me if you use it.
#
# Selling the code for this program without prior written consent is        
# expressly forbidden.  In other words, please ask first before you try and  
# make money off of my program.                                              
#                                                                            
# Obtain permission before redistributing this software over the Internet or
# in any other medium.  In all cases copyright and header must remain intact.
###########################################################################
require 'usa.cfg';
###########################################################################
# Done. Make no changes below this line, unless you know what you are doing.
###########################################################################
$incoming = $ENV{'QUERY_STRING'};
@pairs = split(/&/, $incoming);
foreach $pair (@pairs) {
  ($name, $value) = split(/=/, $pair);
  $value =~ tr/+/ /;
  $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
  $FORM{$name} = $value;
}

# Get command variables
$command = $FORM{'command'};
$pos = $FORM{'pos'};
$type = $FORM{'type'};
$cmdlinegroup = $FORM{'group'};
$partner = $FORM{'refpage'};

# Parse form input
&parse_form;

# Get the date
&get_date;

# Get their hostname
#if ($cookie eq '1') {
#&get_cookie;
#}
#else {
&get_host;
#}

# See if they have a cart already, if not, make one
&check_file;

# See what they want to do.

# Add an item to the cart.
if ($command eq 'add') {
&add_item;
}

# Change a quantity of an item in the cart, if at zero, delete it
elsif ($command eq 'change') {
&change_items;
}

# Show the order form. Get their name, phone number, CC info, etc..
elsif ($command eq 'buy1') {
&buy_items1;
}

# Process the order form info, mail out receipt, and order
elsif ($command eq 'buy2') {
&buy_items2;
}

# Show current cart
elsif ($command eq 'review') {
&review_items;
}

# List items, based on database call
elsif ($command eq 'listitems') {
&gen_page;
}

# Show a database frontend.
elsif ($command eq 'showstore') {
&show_store;
}

# Delete a whole cart
elsif ($command eq 'delete') {
&delete_cart;
}
# Calculate shipping
elsif ($command eq 'calcship') {
&calc_shipping;
}
elsif ($command eq 'setship') {
&set_shipping;
}
else { print "Content-type: text/html\n\n <html>No Command\n"; }
# Subroutines:

# Generate page, based on database search
sub gen_page {
local($SIZE,$max,$i,$itemid,$name,$price,$descrip,$image,$weight,$ralink,$itemurl,$group);
&print_header;
# Table header, change this for table options!
print "<center><table cellpadding=3 border=1 cellspacing=0>\n";
print "<tr>\n";

open (FILE,"$resourcedb") || die "Content-type: text/html\n\nCan't Open $resourcedb(r): $!\n";
@LINES=<FILE>;
close(FILE);
$SIZE=@LINES;


if ($type eq 'all') {
$max = $pos + $numtolist;

if ($max > $SIZE) {
$max = $SIZE;
}

for ($i=$pos;$i<$max;$i++) {
   $_=$LINES[$i];

($itemid, $name, $price, $descrip, $image, $weight, $ralink, $itemurl, $group) = split(/\|/,$_);

&print_item;
}

print "</table>\n";

if ($max < $SIZE) {
      print "<center><BR><font face=arial size=-1><B><a href=\"$cgiurl\?command=listitems\&pos=$max&type=all\">Next $numtolist items</a></B></font></center>\n";
      }
      
}

if ($type eq 'search') {
$matches = 0;
$i = $pos;

while (($matches < $numtolist) && ($i < $SIZE)) {

$_=$LINES[$i];

if (m/$FORM{'search'}/i) {
$matches++;
($itemid, $name, $price, $descrip, $image, $weight, $ralink, $itemurl, $group) = split(/\|/,$_);

&print_item;

      }

$i++;
}

print "</table>\n";

if ($i < $SIZE) {
print "<form method=post action=\"$cgiurl\?command=listitems\&pos=$i\&type=search\">\n";
print "<input type=hidden name=itemid value=\"$itemid\">\n";
print "<input type=hidden name=search value=\"$FORM{'search'}\">\n";
print "<center><input type=submit value=\"Continue Search\"></form>\n";
}
}

if ($type eq 'group') {
$matches = 0;
$i = $pos;
while (($matches < $numtolist) && ($i < $SIZE)) {
$_=$LINES[$i];
($itemid, $name, $price, $descrip, $image, $weight, $ralink, $itemurl, $group) = split(/\|/,$_);

if ($group eq $FORM{'group'} || $group eq $cmdlinegroup) {
$matches++;

&print_item;
      }
      
$i++;
}

print "</table>\n";

if ($i < $SIZE) {
print "<form method=post action=\"$cgiurl\?command=listitems\&pos=$i\&type=search\">\n";
print "<input type=hidden name=search value=\"$FORM{'group'}\">\n";
print "<center><input type=submit value=\"Continue Search\"></form>\n";

}

}

&print_footer;

# This is where you want to customize your generated pages!!
# Basically the top part will write out the header, then the table header
# Change the table header for options like spacing, borders, etc...

sub print_item {

print "<form method=post action=\"$cgiurl\?command=add\">\n";
# Hide the weight for later use
print "<input type=hidden name=weight value=\"$weight\">\n";
print "<input type=hidden name=itemid value=\"$itemid\">\n";
# If you want to redirect, keep this in!
if ($useredirect eq '1') {
      print "<input type=hidden name=redirect value=\"referrer\">\n";
      }


# If the item has a URL, make it a link
if ($itemurl) {
      print "<td valign=top bgcolor=\"ffffcc\"><a href=\"$itemurl\"><font color=\"000000\" face=arial size=-1><B>\n";
             
                                 $name =~ s/-/<BR>/g;
                                print "$name\n";  
                                  $name =~ s/<BR>/-/g;
            print "</B></font></a><input type=hidden name=itemname value=\"$name\"></td>\n";
      }
      else {
             
                       
            print "<td valign=top bgcolor=\"ffffcc\"><font color=\"000000\" face=arial size=-1><B>\n";
             $name =~ s/-/<BR>/g;
            print "$name\n";
             $name =~ s/<BR>/-/g;
            print "</B></font><input type=hidden name=itemname value=\"$name\"></td>\n";
            }
            
# Print other info

#Price
print "<td valign=top bgcolor=\"ffffcc\"><font color=\"000000\" face=arial size=-1><B>\$ $price</B></font><input type=hidden name=itemprice value=\"$price\"></td>\n";

#Quantity
print "<td valign=top bgcolor=\"ffffcc\" face=arial size=-1><input type=text size=2 name=itemquant value=1></td>\n";

#Add button
print "<td valign=top align=center bgcolor=\"ffffcc\">\n";

if ($ralink ne '99.ram') {  # string comparison; != would compare numerically
      
      print "<A Href=\"/audio/$ralink\"><font color=\"000000\" face=arial size=-1><B>Play Free Audio Sample Now!</B></font></a><P>\n";
                         }
print "<input type=submit value=\"Buy Me!\"></td>\n";

#Description
if ($image eq '99.gif') {  
      
      print "</tr><tr><td colspan=4><font face=arial size=-1><table border=1 align=right width=150 cellspacing=0 cellpadding=5 bgcolor=\"ffffcc\"><TR><TD><font face=arial color=\"0000cc\" face=arial size=-1><h3>$name</H3></font></TD></TR></TABLE> $descrip</font></td>\n";
            
            }
            elsif ($image eq 'none') {
            print "</tr><tr><td colspan=4><font size=-1 face=arial>$descrip (description above)<P></font></td>\n"
            }
            else { print "</tr><tr><td colspan=4><font size=-1 face=arial><img src=\"$imageurl/$image\" align=right> $descrip</font></td>\n"; }
            

# Close
print "</form></tr><tr>\n";

if  ($image ne 'none') {
print "<td colspan=4>&nbsp\;</td></TR><TR>\n";
}
      
}
## END print_item

}
## END gen_page


# Show front end of database store.
sub show_store {
&print_header;
print "<center>\n";
print "<table width=80%><td>\n";
print "<B><a href=\"$cgiurl\?command=listitems\&type=all\&pos=0\">LIST ALL ITEMS AVAILABLE</a></B><br>\n
<Br>\n
<table>
<td>Search for a particular item(s):</td>
<td>
<form method=post action=\"$cgiurl\?command=listitems\&pos=0\&type=search\">
<input type=text name=search size=30></td>\n";
print "<td><input type=submit value=Search></form></tD>
</table>\n";
print "<table>
<td>List all:</td>
<td>
<form method=post action=\"$cgiurl/usa/usa.cgi\?command=listitems\&pos=0\&type=group\">
<select name=group><option selected>Select a Group</option>\n";
print "<OPTION value=\"Air Talent Development\"> Air Talent Development </option>\n
<OPTION value=\"Airchecks\"> Airchecks </option>
<OPTION value=\"Career Advancement\"> Career Advancement </option>
<OPTION value=\"Comedy\"> Comedy </option>
<OPTION value=\"Dork-A-Pellas\"> Dork-A-Pellas </option>
<OPTION value=\"Jingles\"> Jingles </option>
<OPTION value=\"Management\"> Management </option>
<OPTION value=\"Morning Shows\"> Morning Shows </option>
<OPTION value=\"Music Scheduling\"> Music Scheduling </option>
<OPTION value=\"Personality\"> Personality </option>
<OPTION value=\"Production Aids\"> Production Aids </option>
<OPTION value=\"Programming\"> Programming </option>
<OPTION value=\"Promotions\"> Promotions </option>
<OPTION value=\"Research\"> Research </option>
<OPTION value=\"Sales\"> Sales </option>
<OPTION value=\"Show Prep\"> Show Prep </option>
<OPTION value=\"T-Shirts\"> T-Shirts </option>
<OPTION value=\"Talk Radio\"> Talk Radio </option>
<OPTION value=\"Voiceover\"> Voiceover </option>\n";

#  foreach $group (keys %groups){
#      print "<OPTION value=\"$group\"> $groups{$group} </option>\n";
#    }

    print "</select></td><td>\n";
print "<center><input type=submit value=\"List\"></form>
</td>
</table> \n";

print "</td></table>\n";
&print_footer;
}
## END show_store

# Print the HTML header
sub print_header {
print "Content-type: text/html\n\n";
open (HEADER,"$basepath/$header") || print "Could not open $basepath/$header $! \n";
while (<HEADER>) {
print $_;
      }
close(HEADER);      
}
## END print_header;

# Print the SECURE HTML header
sub print_secure_header {
print "Content-type: text/html\n\n";
open (HEADER,"$basepath/$secureheader") || print "Could not open $basepath/$secureheader $! \n";
while (<HEADER>) {
print $_;
      }
close(HEADER);      
}
## END print_secure_header;


#Print the HTML footer
sub print_footer {
open (FOOTER,"$basepath/$footer") || print "Could not open $basepath/$footer $! \n";
while (<FOOTER>) {
print $_;
      }
close(FOOTER);      
### Please do not delete this message.
}
## END print_footer

# List items in cart.
sub list_items {
local ($totalprice,$totalquant,$totalweight) = 0;
open (REFFILE,"$reffile") || die "Content-type: text/html\n\nCan't Open $reffile(r): $!\n";
@LINES=<REFFILE>;
close(REFFILE);
$SIZE=@LINES;

print "<form name=\"purchase\" method=POST action=\"$cgiurl?command=change\">\n";
print "<table border=1 cellpadding=2 cellspacing=0><tr>\n";

if ($useimage eq '1') {
      print "<th></th>";
      }
      
if ($useid eq '1') {
      print "<th>Item ID</th>";
      }

print "<th><font face=arial size=-1>Item Name</font></th><th><font face=arial size=-1>Price</font></th><th><font face=arial size=-1>Quantity</font></th></tr>";

for ($i=1;$i<$SIZE;$i++) {
   $_=$LINES[$i];
($itemname, $itemprice, $itemquant, $weight, $itemid) = split(/\|/,$_);

$tmpprice = $itemprice*$itemquant;
$tmpprice = int($tmpprice * (10 ** 2) + .5) / (10 ** 2);

$atmpprice = $tmpprice;

$tmpprice = sprintf("%5.2f",$atmpprice);



$totalprice=$totalprice + $tmpprice;
$totalquant=$totalquant + $itemquant;
$totalweight = ($weight*$itemquant) + $totalweight;
print "<tr>";

if ($useimage eq '1') {
      if ($FORM{'image'}) {
            print "<td><img src=\"$imageurl/$FORM{'image'}\"></td>\n";
            }
      else {
            print "<td></td>";
            }
      }
      
if ($useid eq '1') {
      print "<td><font face=arial size=-1>$itemid <input type=hidden name=itemid value=\"$itemid\"></font></td>\n";
      }

print "<td><font face=arial size=-1>$itemname</font></td><td align=right><font face=arial size=-1>\$ $itemprice</font></td><td align=center><font face=arial size=-1><input type=number size=2 value=\"$itemquant\" name=item$i></font></td><td align=right><font face=arial size=-1>\$ $tmpprice</font></tr>\n";
}
print "<tr><td><font face=arial size=-1><b>Subtotal:</b></font></td>";
if ($useimage eq '1') {
      print "<td></td>";
      }
if ($useid eq '1') {
      print "<td></td>";
      }
      
$_ = $totalprice;
if (/\./) {
      ($left,$right) = split(/\./,$totalprice);
      if (length($right) == 0) {
            $totalprice = $totalprice . "00";
            }
            elsif (length($right) == 1) { $totalprice = $totalprice . "0"; }
      }
      else { $totalprice = $totalprice . ".00"; }

$atotalprice = $totalprice;

$totalprice = sprintf("%5.2f",$atotalprice);

print "<td></td><td></td><td align=right><font face=arial size=-1><b>\$ $totalprice</b></font></td></tr>\n";

if ($tax eq '0') {
# print nothing
}
elsif ($tax eq '1') {
print "<tr><td><font face=arial size=-1><b>Taxes:</b></font></td>";
if ($useimage eq '1') {
      print "<td></td>";
      }
if ($useid eq '1') {
      print "<td></td>";
      }
print "<td></td><td></td><td align=right><font face=arial size=-1><b>Variable by State</center></b></font></td></tr>\n";
}
elsif ($tax eq '2') {
$taxtotal = $totalprice * $taxamt;
$taxtotal = int($taxtotal * (10 ** 2) + .5) / (10 ** 2);


$totalprice = $totalprice + $taxtotal;
print "<tr><td><font face=arial size=-1><b>Taxes:</b></font></td>";
if ($useimage eq '1') {
      print "<td></td>";
      }
if ($useid eq '1') {
      print "<td></td>";
      }
print "<td></td><td></td><td align=right><font face=arial size=-1><b>\$ $taxtotal</center></b></font></td></tr>\n";
}
 
if ($shipping eq '0') {
# print nothing
}
elsif ($shipping eq '1') {
local($low,@prices,$price);
@prices = sort number keys %shipping;
$low = $prices[0];
foreach $price (@prices) {
        if ($price < $low && $price >= $totalquant) {$low = $price};
}
$shipamt = $shipping{$low};
$totalprice = $totalprice + $shipamt;
print "<tr><td><b>Shipping & Handling:</b></td>";
if ($useimage eq '1') {
        print "<td></td>";
        }
if ($useid eq '1') {
        print "<td></td>";
        }
print "<td></td><td></td><td align=right><font face=arial size=-1><b>\$ $shipamt</b></font></td></tr>\n";
}
elsif ($shipping eq '2') {
$totalprice = $totalprice + $shipamt;

$btotalprice = $totalprice;

$totalprice = sprintf("%5.2f",$btotalprice);



print "<tr><td><font face=arial size=-1><b>Shipping & Handling:</b></font></td>";
if ($useimage eq '1') {
      print "<td></td>";
      }
if ($useid eq '1') {
      print "<td></td>";
      }
print "<td></td><td></td><td align=right><font face=arial size=-1><b>\$ $shipamt</b></font></td></tr>\n";
}
elsif ($shipping eq '3') {
local($low,@weights,$weight);
@weights = sort number keys %shipping;
$low = $weights[0];
foreach $weight (@weights) {
        if ($weight > $low && $weight <= $totalweight) {$low = $weight};
}
$shipamt = $shipping{$low};
$totalprice = $totalprice + $shipamt;
print "<tr><td><font face=arial size=-1><b>Shipping & Handling:</b></font></td>";
if ($useimage eq '1') {
      print "<td></td>";
      }
if ($useid eq '1') {
      print "<td></td>";
      }
print "<td></td><td></td><td align=right><font face=arial size=-1><b>\$ $shipamt</b></font></td></tr>\n";
}
elsif ($shipping eq '4') {
print "<tr><td><font face=arial size=-1><b>Shipping & Handling:</b></font></td>";
if ($useimage eq '1') {
      print "<td></td>";
      }
if ($useid eq '1') {
      print "<td></td>";
      }
print "<td></td><td></td><td align=right><font face=arial size=-1>";
if ($usership eq 'NULL') {
                  print "<a href=\"$cgiurl\?command=calcship\">Calculate<br>Shipping</a>";
                  }
            else {
                  print "<b>\$ $usership</b>";
                  $totalprice = $totalprice + $usership;
                  }
print "</font></td></tr>\n";
}

$totalprice = int($totalprice * (10 ** 2) + .5) / (10 ** 2);
$_ = $totalprice;
if (/\./) {
      ($left,$right) = split(/\./,$totalprice);
      if (length($right) == 0) {
            $totalprice = $totalprice . "00";
            }
            elsif (length($right) == 1) { $totalprice = $totalprice . "0"; }
      }
      else { $totalprice = $totalprice . ".00"; }
      
print "<tr><td><font face=arial size=-1><b>Total price:</b></font></td>";
if ($useimage eq '1') {
      print "<td></td>";
      }
if ($useid eq '1') {
      print "<td></td>";
      }

$ctotalprice = $totalprice;

$totalprice = sprintf("%5.2f",$ctotalprice);


print "<td></td><td></td><td align=right><font face=arial size=-1>\$<input type=number  name=\"totalp\" size=6 value=\"$totalprice\"></font></td></tr>\n";
print "</table><br>\n";
      
}

# Review all items in cart. Can modify quantities.
sub review_items {
&print_header;
&list_items;
print "<CENTER><font face=arial size=-1>To remove an item from your cart, please enter a quantity of \"0\"</font><P></CENTER>\n";
print "<center><input type=submit value=\"Re-Calculate\"></form>\n";

&print_footer;
}

# Add an item to the cart, show review page, unless they included a redirect variable.
sub add_item {
open (REFFILE,"$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n";
@LINES=<REFFILE>;
close(REFFILE);
$SIZE=@LINES;
open (REFFILE,">$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n";
print REFFILE "$date\| $ENV{'REMOTE_HOST'}\| $ENV{'HTTP_USER_AGENT'}\|NULL\|NULL\|$partner|\n";
for ($i=1;$i<$SIZE;$i++) {
         $_=$LINES[$i];
      ($itemname, $itemprice, $itemquant, $weight, $ralink, $itemid) = split(/\|/,$_);
      print REFFILE join("\|", $itemname,$itemprice,$itemquant,$weight,$ralink,$itemid,"\|\n");
      }
print REFFILE join ("\|", $FORM{'itemname'},$FORM{'itemprice'},$FORM{'itemquant'},$FORM{'weight'},$FORM{'ralink'},$FORM{'itemid'});
print REFFILE "\|\n";
close(REFFILE);
if ($useredirect eq '1') {
      print "Content-type: text/html\n\n <html><head><script language = Javascript>\n";
      print "function AddItem\(\) \{\n";
      print "alert(\"Your selection has been added to your Shopping Cart\")\;\n";
      print "history.back\(\)\;\n";
      print "\}\n";
      print "</SCRIPT></HEAD><body bgcolor=white onload=\"AddItem()\"><font face=arial size=-1><B>Your selection has been added to your Shopping Cart.</B>.<P>If your browser does not support Javascript, please press BACK now.\n";
      }
      else {
if ($FORM{'redirect'}) {
      if ($FORM{'redirect'} eq 'referrer') {
            print "Location: $ENV{'HTTP_REFERER'} \n\n";
            }
      else {
            print "Location: $FORM{'redirect'} \n\n";
            }
      }
else {
      &review_items;
      }
      }
}

# Change quantities of items, delete zero quantity items.
sub change_items {
open (REFFILE,"$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n";
@LINES=<REFFILE>;
close(REFFILE);
$SIZE=@LINES;

open (REFFILE,">$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n";
print REFFILE "$date\| $ENV{'REMOTE_HOST'}\| $ENV{'HTTP_USER_AGENT'}\|NULL\|NULL\|$partner\|\n";
for ($i=1;$i<$SIZE;$i++) {
      local($itemq) = "item$i";
         $_=$LINES[$i];
      ($itemname, $itemprice, $itemquant, $weight, $ralink, $itemid) = split(/\|/,$_);
      if ($FORM{$itemq} > 0) {
            print REFFILE join ("\|", $itemname,$itemprice,$FORM{$itemq},$weight,$ralink,$itemid,"\|\n");
            }
      }
close(REFFILE);
print "Location: $cgiurl\?command=review\n\n";
}
# Show the order form
sub buy_items1 {

&check_empty;

if ($usership eq 'NULL' && $shipping eq '4') {
&error('noship');
}

&print_secure_header;

&list_items;

open (ORDER,"$basepath/$order") || print "Could not open $basepath/$order $! \n";
while (<ORDER>) {
print $_;
      }
close(ORDER);      

#&print_footer;
}

# Process the order form
sub buy_items2 {
&check_required;
if ($useverify eq '1') {
      &CC_Verify;
      }
&send_order;
&send_verify;
&print_secure_header;
print "<h3>You have successfully ordered the following:</h3>\n";
&list_items;
print "<br><br>\n";
#&print_footer;
print "<P></font><table border=0>\n";
print "<tr><td><IMG SRC=\"/images/divider.gif\" WIDTH=\"410\" HEIGHT=\"1\" BORDER=\"0\"><br><b><kbd>Don\'t have time to surf?  <A HREF=\"/catalog.txt\">Download</A> the complete TEXT version of our catalog!</kbd></b></td></tr>\n";
print "</TABLE></td></tr></TABLE></BODY></HTML>\n";
unlink($reffile);
}

# parse form input
sub parse_form {

   if ($ENV{'REQUEST_METHOD'} eq 'GET') {
      # Split the name-value pairs
      @pairs = split(/&/, $ENV{'QUERY_STRING'});
   }
   elsif ($ENV{'REQUEST_METHOD'} eq 'POST') {
      # Get the input
      read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
 
      # Split the name-value pairs
      @pairs = split(/&/, $buffer);
   }
   else {
      &error('request_method');
   }

   foreach $pair (@pairs) {
      ($name, $value) = split(/=/, $pair);
 
      $name =~ tr/+/ /;
      $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

      $value =~ tr/+/ /;
      $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

      # If they try to include server side includes, erase them, so they
      # aren't a security risk if the html gets returned.  Another
      # security hole plugged up.

      $value =~ s/<!--(.|\n)*-->//g;

      # Create two associative arrays here.  One is a configuration array
      # which includes all fields that this form recognizes.  The other
      # is for fields which the form does not recognize and will report
      # back to the user in the html return page and the e-mail message.
      # Also determine required fields.

      if ($name eq 'bgcolor' ||
        $name eq 'background' ||
        $name eq 'link_color' ||
        $name eq 'vlink_color' ||
      $name eq 'text_color' ||
           $name eq 'alink_color' ||
        $name eq 'title' ||
        $name eq 'sort' ||
        $name eq 'print_config' ||
        $name eq 'return_link_title' ||
        $name eq 'return_link_url' && ($value)) {
         
       $CONFIG{$name} = $value;
      }
      elsif ($name eq 'required') {
         @required = split(/,/,$value);
      }
      elsif ($name eq 'exclude') {
            @exclude = split(/,/,$value);
            }
      else {
         if ($FORM{$name} && ($value)) {
          $FORM{$name} = "$FORM{$name}, $value";
       }
         elsif ($value) {
            $FORM{$name} = $value;
         }
      }
   }
}

# Send the order
sub send_order {

# Get any cookies of referrers...


   # Open The Mail Program



# Aaron added - OPEN THE REFFILE!!!!!

open (REFFILE,"$reffile") || die "Content-type: text/html\n\nCan't Open $reffile(r): $!\n";
@LINES=<REFFILE>;
close(REFFILE);
$SIZE=@LINES;
local($totalquant,$totalprice,$totalweight) = 0;


open(MAIL,"|$mailprog -t");

   print MAIL "To: $FORM{'recipient'}\n";
   print MAIL "From: $FORM{'email'} ($FORM{'realname'})\n";
   print MAIL "Subject: $FORM{'subject'}\n\n";
   print MAIL "Below is the result of the purchase form.  It was ";
   print MAIL "submitted by $FORM{'realname'} ($FORM{'email'}) on ";
   print MAIL "$date\n";
   print MAIL "Company: $FORM{'company'}\n";      
   print MAIL "Address: $FORM{'street'}\n";
   print MAIL "City: $FORM{'city'}\n";
   print MAIL "State: $FORM{'state'}\n";      
   print MAIL "Zip: $FORM{'zip'}\n";
   print MAIL "This is my: $FORM{'typeaddress'}\n";
   print MAIL "Phone: $FORM{'phone'}\n";
   print MAIL "Fax: $FORM{'fax'}\n";
   print MAIL "----------------------------------------------------------------\n";
   print MAIL "Buyer info:\n";
   print MAIL "Remote Host: $userhost\n";
   print MAIL "Buyer Agent: $useragent\n";
   print MAIL "\n\n";
   print MAIL "****";
   print MAIL "REFER FROM: $partner\n";
   print MAIL "****";
   print MAIL "\n\n";
   print MAIL "The purchase is:\n\n";
   
print MAIL sprintf ("%-45.45s", "Item Name");
print MAIL sprintf ("%14.14s", "Item Price");
print MAIL sprintf ("%10.10s", "Quantity");
print MAIL sprintf ("%18.18s", "Item Total");
print MAIL "\n";
print MAIL "----------------------------------------------------------------------\n";

for ($i=1;$i<$SIZE;$i++) {
   $_=$LINES[$i];
($itemname, $itemprice, $itemquant, $weight) = split(/\|/,$_);
$tmpprice = $itemprice*$itemquant;
$tmpprice = int($tmpprice * (10 ** 2) + .5) / (10 ** 2);
$totalprice=$totalprice + $tmpprice;
$totalquant=$totalquant + $itemquant;
$totalweight = $totalweight + $weight;

print MAIL sprintf ("%-45.45s", $itemname);
print MAIL sprintf ("%13.13s", "\$$itemprice");
print MAIL sprintf ("%10.10s", $itemquant);
print MAIL sprintf ("%10.10s", "          ");
print MAIL sprintf ("%5.2f",$tmpprice);
print MAIL "\n";
}

print MAIL "----------------------------------------------------------------------\n";
print MAIL "Subtotal:";
$_ = $totalprice;
if (/\./) {
      ($left,$right) = split(/\./,$totalprice);
      if (length($right) == 0) {
            $totalprice = $totalprice . "00";
            }
            elsif (length($right) == 1) { $totalprice = $totalprice . "0"; }
      }
      else { $totalprice = $totalprice . ".00"; }
print MAIL sprintf ("%5.2f", $totalprice);
print MAIL "\n";

if ($tax eq '0') {
# Do nothing
}
elsif ($tax eq '1') {
foreach $key (keys %taxes) {
      if ($FORM{'state'} eq $key) {$taxamt = $taxes{$key}};
      }
$taxtotal = $totalprice * $taxamt;
$taxtotal = int($taxtotal * (10 ** 2) + .5) / (10 ** 2);
$totalprice = $totalprice + $taxtotal;
print MAIL "Taxes:";
print MAIL sprintf ("%60.60s", "\$$taxtotal\n");
}
elsif ($tax eq '2') {
$taxtotal = $totalprice * $taxamt;
$taxtotal = int($taxtotal * (10 ** 2) + .5) / (10 ** 2);
$totalprice = $totalprice + $taxtotal;
print MAIL "Taxes:";
print MAIL sprintf ("%60.60s", "\$$taxtotal\n");
}
 
if ($shipping eq '0') {
# Print Nothing
}
elsif ($shipping eq '1') {
local($low,@prices,$price);
@prices = sort number keys %shipping;
$low = $prices[0];
foreach $price (@prices) {
        if ($price < $low && $price >= $totalquant) {$low = $price};
}
$shipamt = $shipping{$low};
$totalprice = $totalprice + $shipamt;
print MAIL "Shipping:";
print MAIL sprintf ("%57.57s", "\$$shipamt\n");
}
elsif ($shipping eq '2') {
$totalprice = $totalprice + $shipamt;
print MAIL "Shipping:";
print MAIL sprintf ("%57.57s", "\$$shipamt\n");
}
elsif ($shipping eq '3') {
local($low,@weights,$weight);
@weights = sort number keys %shipping;
$low = $weights[0];
foreach $weight (@weights) {
        if ($weight > $low && $weight <= $totalweight) {$low = $weight};
}
$shipamt = $shipping{$low};
$totalprice = $totalprice + $shipamt;
print MAIL "Shipping:";
print MAIL sprintf ("%57.57s", "\$$shipamt\n");
}
elsif ($shipping eq '4') {
$shipamt = $usership;
$totalprice = $totalprice + $shipamt;
print MAIL "Shipping:";
print MAIL sprintf ("%5.2f", $shipamt);
print MAIL "\n";
}

$totalprice = int($totalprice * (10 ** 2) + .5) / (10 ** 2);
$_ = $totalprice;
if (/\./) {
      ($left,$right) = split(/\./,$totalprice);
      if (length($right) == 0) {
            $totalprice = $totalprice . "00";
            }
            elsif (length($right) == 1) { $totalprice = $totalprice . "0"; }
      }
      else { $totalprice = $totalprice . ".00"; }
print MAIL "Total Price:";
print MAIL sprintf ("%5.2f", $totalprice);
print MAIL "\n";

print MAIL "ADJUSTED CALIF. TOTAL: $FORM{'caltotal'}\n ";
print MAIL "CREDIT CARD NUMBER $FORM{'cardnumber'}\n ";
print MAIL "Expiration Date $FORM{'expiremonth'} $FORM{'expireyear'}\n ";
print MAIL "Card Holder $FORM{'cardholder'}\n ";
if ($CONFIG{'sort'} eq 'alphabetic') {
      foreach $key (sort keys %FORM) {
         # Print the name and value pairs in FORM array to mail.
         print MAIL "$key: $FORM{$key}\n\n";
      }
   }
   elsif ($CONFIG{'sort'} ne 'alphabetic') {
         $CONFIG{'sort'} =~ s/order://;
      @sorted_fields = split(/,/, $CONFIG{'sort'});
      foreach $sorted_field (@sorted_fields) {
         # Print the name and value pairs in FORM array to mail.
         if ($FORM{$sorted_field}) {
            print MAIL "$sorted_field: $FORM{$sorted_field}\n\n";
         }
      }
   }
   else {
      foreach $key (keys %FORM) {
         # Print the name and value pairs in FORM array to html.
         print MAIL "$key: $FORM{$key}\n\n";
      }
   }
   
$totalprice = 0;
open (REFFILE,"$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n";
@LINES=<REFFILE>;
close(REFFILE);
$SIZE=@LINES;
close (MAIL);
}

# Send to receipt
sub send_verify {
local($totalquant,$totalprice,$taxtotal) = 0;
   # Open The Mail Program

   open(MAIL,"|$mailprog -t");

   print MAIL "To: $FORM{'email'}\n";
   print MAIL "From: $FORM{'recipient'}\n";
   print MAIL "Subject: Order Verification\n\n";
   print MAIL "Thank you for your order from our WHOLE O CATALOGUE\,  ";
   print MAIL "submitted by $FORM{'realname'} ($FORM{'email'}) on ";
   print MAIL "$date\n";
   print MAIL "----------------------------------------------------------------\n";
   print MAIL "The purchase is:\n\n";
   
   
print MAIL sprintf ("%-45.45s", "Item Name");
print MAIL sprintf ("%14.14s", "Item Price");
print MAIL sprintf ("%10.10s", "Quantity");
print MAIL sprintf ("%18.18s", "Item Total");
print MAIL "\n";
print MAIL "----------------------------------------------------------------------\n";


for ($i=1;$i<$SIZE;$i++) {
   $_=$LINES[$i];
($itemname, $itemprice, $itemquant, $weight) = split(/\|/,$_);
$tmpprice = $itemprice*$itemquant;
$tmpprice = int($tmpprice * (10 ** 2) + .5) / (10 ** 2);
$totalprice=$totalprice + $tmpprice;
$totalquant=$totalquant + $itemquant;
$totalweight = $totalweight + $weight;

print MAIL sprintf ("%-45.45s", $itemname);
print MAIL sprintf ("%13.13s", "\$$itemprice");
print MAIL sprintf ("%10.10s", $itemquant);
print MAIL sprintf ("%10.10s", "          ");
print MAIL sprintf ("%5.2f",$tmpprice);
print MAIL "\n";
}

pr

0
ozoCommented:
Where is $reffile set?
0
georgiaAuthor Commented:
I assume when the user adds an item....
# Add a item to the cart, show review page, unless they included a redirect variable.
                      sub add_item {
                      open (REFFILE,"$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n";
                      @LINES=<REFFILE>;
                      close(REFFILE);
                      $SIZE=@LINES;
                      open (REFFILE,">$reffile") || print "Content-type: text/html\n\n Can't Open $reffile(r): $!\n";
                      print REFFILE "$date\| $ENV{'REMOTE_HOST'}\| $ENV{'HTTP_USER_AGENT'}\|NULL\|NULL\|$partner|\n";
                   
0
ozoCommented:
That routine uses the value of $reffile, but where was $reffile defined?
Was it in usa.cfg?
If two invocations of the program share the same value for $reffile, they could overwrite each other's <REFFILE>.
0
georgiaAuthor Commented:
Hmm.... yes it is set in the .cfg file.... here is the file:

#!/usr/bin/perl
###########################################################################
# S-Mart Shopping Cart Script v1.8
# Shop smart. Shop S-Mart.
# Written by Barry Robison. (brobison@rcinet.com)
# This script uses code written by Matt Wright.
# Please visit his site at http://worldwidemart.com
# This script is mailware. Please e-mail me if you use it.
#
# Selling the code for this program without prior written consent is        
# expressly forbidden.  In other words, please ask first before you try and  
# make money off of my program.                                              
#                                                                            
# Obtain permission before redistributing this software over the Internet or
# in any other medium.  In all cases copyright and header must remain intact.
###########################################################################
# Customization portion
###########################################################################

# The path to send mail on your system
$mailprog = '/usr/sbin/sendmail';

# Do you want to use cookies or not? 1 to use cookies, 0 to use domain/IP
$usecookie = 0;

# URL to this script:
$cgiurl = "http://www.danoday.com/uscatalog/usa.cgi";
$adminurl = "http://www.danoday.com/uscatalog/usaadmin.cgi";

# what is the base path to the directory where the files are (header,footer, order form)?
$basepath= "/home/danoday/www/uscatalog";

# what are your header and footer HTML docs?
$header = "demoheader.html";
$footer = "demofooter.html";
$secureheader = "securedemoheader.html";

# where is the order form HTML doc?
$order = "demoorder.html";

# where is your temporary directory for DB files?
$tmpdir = "/home/danoday/www/uscatalog/tmp";

# Storename. Keep it simple, it's only used for file naming. (i.e. "store1")
# If you are running multiple stores on one server, using the same temp space,
# make sure they all have different names.
$storename = "UScat";

# Death and taxes.
# 0 = No taxes calculated.
# 1 = Calculate Tax by State
# 2 = Always calculate tax

$tax = "0";
# Default tax amount, if state is not specified, or if tax is always calculated
$taxamt = ".065";

if ($tax eq '1') {
      %taxes = (OH,'.065',TX,'.05')
      }

# Shipping
# NOTE: All the advanced shipping is now working!
# 0 = No shipping
# 1 = Shipping by number of items
# 2 = Non-variable shipping
# 3 = Shipping by weight
# 4 = Shipping by price

$shipping = "2";

# For non-variable shipping
if ($shipping eq '2') {
$shipamt = "5.00";
}

# For shipping by number of items
# It works like this (20,'20.00',11,'10.00',6,'5.00') For less than 20 items, charge $20.00.
# For 6 - 10 items charge $10.00, and so on
if ($shipping eq '1') {
%shipping = (20,'20.00',5,'10.00',1,'5.00');
}

# For shipping by weight:
# For <100 pounds charge $40, for <50 pounds charge $15, etc..
if ($shipping eq '3') {
%shipping = ('100','40.00','50','15.00','5','0.00');
}


# For shipping by price:
# (price,shipping,price,shipping,etc)
if ($shipping eq '4') {
%shipping1 = ('1.00','7.95','25.00','9.95','50.00','11.95','75.00','13.95','100.00','15.95','200.00','17.95'); #Standard
%shipping2 = ('1.00','19.95','25.00','22.95','50.00','31.95','75.00','34.95','100.00','42.95','200.00','44.95'); #2nd Day
%shipping3 = ('1.00','29.95','25.00','34.95','50.00','39.95','75.00','42.95','100.00','49.95','200.00','52.95'); #Next Day
}

# Do you want to verify Credit Card Numbers?
# Keep in mind that all this does, is ensure that the number is in the proper format.
# It is in NO WAY an authorization, just a qualifier.
# $useverify = 0; who would give inaccurate information?
# $useverify = 1; Trust customers?! Ha!
$useverify = 1;

# Make sure you have ccverify.lib
if ($useverify eq '1') {
      require 'ccverify.lib';
      }
      
# If you don't want to go to the review page after adding an item, set this to # '1'
$useredirect = 1;

###########################################################################
#
# Ok, so that's done. But now how do you put that whole catalogue on-line?
# Easy use the Inventory manager. It so easy that any idiot (even your
# customers!) can edit and update their on-line store! No need for training
# those schmucks HTML!
#
###########################################################################
# Do you want to do your own catalogue pages or have the computer generate
# them on the fly, from an inventory database?
# $useadmin = 0 (don't use it)
# $useadmin = 1 (use it!)
###########################################################################
$useadmin = "1";

if ($useadmin eq '1') {
# Where is the database file you want to use?
$resourcedb = "/home/danoday/www/uscatalog/demo.db";

# Where is the ID file?
$idfile = "/home/danoday/www/uscatalog/item.id";

# Where are the product images?
$imageurl = "/images";

# Do you want the review command to show the product images?
# $useimage = 0; images scare me
# $useimage = 1; bring em on
$useimage = 0;

#Do you want to display to product ID number?
#useid = 0; no way!
#useid = 1; way
$useid = 0;

# Groups. Aisles. Rows. Whatever the hell you want to call them, they are
# A convenient way to divide a store into sections.
# List all your groups here:
# (name of group in database, 'how you want it to appear')

%groups = ('Production Aids', 'Production Aids', 'Comedy', 'Comedy', 'Career Advancement', 'Career Advancement', 'Research', 'Research', 'Management', 'Management', 'Morning Shows', 'Morning Shows', 'Programming', 'Programming', 'Airchecks', 'Airchecks', 'Jingles', 'Jingles', 'Dork-A-Pellas', 'Dork-A-Pellas', 'Sales', 'Sales', 'Promotions', 'Promotions', 'Show Prep', 'Show Prep', 'Air Talent Development', 'Air Talent Development', 'Personality', 'Personality', 'T-Shirts', 'T-Shirts', 'Voiceover', 'Voiceover', 'Talk Radio', 'Talk Radio');


###########################################################################
# Now how do you get the server to generate the pages?
# Easy simply make this call from your HTML:
# http://www.foo.com/smart/S-Mart.cgi?command=listitems&pos=0
# Now decide how many items to list at a time:
###########################################################################
$numtolist = "5";


###########################################################################
# That's it. No more mess. Let your customer worry about updating the
# database.
###########################################################################
}

1;
0
georgiaAuthor Commented:
Oops... it is actually not in there... it is in usa.cgi... this line:

# Get the hostname, for file reference
sub get_host {
$host = $ENV{'REMOTE_HOST'};
$reffile = "$tmpdir/$storename-$host";
}

So your thinking is that when it calls the script from the SSL server it overwrites the reffile? How come this only happens about 1 out of 10 times?
0
georgiaAuthor Commented:
Adjusted points to 200
0
georgiaAuthor Commented:
increasing points....
0
ozoCommented:
It could happen randomly depending on the timing of the user requests.
For example, if they click submit twice before the first one responds.
Also, two users from the same REMOTE_HOST may overwrite each other's files, or see each other's purchases.
Or a user might come through a proxy and have a different REMOTE_HOST each time they access the script.
It may be better to track your users with an <input type=hidden value=UniqueId> rather than REMOTE_HOST.
0
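The suggestion in the answer above, sketched as an added example (not code from the thread or from S-Mart): a random per-cart ID replaces REMOTE_HOST in the cart file name, and the file is rewritten under an exclusive lock so overlapping requests cannot clobber it. The helper names, the sample item lines and the scratch directory are assumptions; the `$tmpdir/$storename-...` naming follows the posted get_host.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(:flock O_RDWR O_CREAT);
use File::Temp qw(tempdir);

# Hypothetical helper: 128-bit random cart ID from the kernel CSPRNG.
sub new_cart_id {
    open(my $rnd, '<:raw', '/dev/urandom') or die "urandom: $!";
    read($rnd, my $bytes, 16) == 16 or die "short read from urandom";
    close($rnd);
    return unpack('H*', $bytes);
}

# Build the cart path only from a well-formed ID, so a submitted value
# such as "../../x" can never become part of a file name.
sub cart_path {
    my ($tmpdir, $storename, $id) = @_;
    return unless defined $id && $id =~ /\A[0-9a-f]{32}\z/;
    return "$tmpdir/$storename-$id";
}

# Append one item under an exclusive lock, so two overlapping requests
# (a double-clicked submit) cannot truncate each other's cart.
sub add_item {
    my ($path, $line) = @_;
    sysopen(my $fh, $path, O_RDWR | O_CREAT, 0600) or die "open $path: $!";
    flock($fh, LOCK_EX) or die "lock $path: $!";
    my @lines = <$fh>;
    push @lines, "$line\n";
    seek($fh, 0, 0)  or die "seek: $!";
    truncate($fh, 0) or die "truncate: $!";
    print {$fh} @lines;
    close($fh) or die "close: $!";    # closing also releases the lock
    return scalar @lines;
}

# Constructed demonstration in a scratch directory (assumed values).
my $tmpdir = tempdir(CLEANUP => 1);
my $id     = new_cart_id();           # would travel in the hidden form field
my $path   = cart_path($tmpdir, 'UScat', $id) or die "bad cart id";
add_item($path, 'Sample Item A|9.95|1|2');   # name|price|quantity|weight
my $count = add_item($path, 'Sample Item B|4.50|2|1');
print "cart $id holds $count items\n";
print "rejected malformed cart id\n"
    unless defined cart_path($tmpdir, 'UScat', '../../etc/passwd');
```

Because the ID is the only thing that selects a cart, it has to be unguessable and re-validated on every request, on both the plain and the SSL host.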

georgiaAuthor Commented:
Thanks ozo.... I actually solved it by using REMOTE_ADDR... REMOTE_HOST was not always available like I thought on the SSL server....
Thanks.
0